Hierarchical cooperated network virus and malice code recognition method

A technology of malicious code and identification method, applied in the field of computer network security

Inactive Publication Date: 2005-06-08
UNIV OF SCI & TECH OF CHINA
View PDF2 Cites 26 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Aiming at the deficiencies of existing network virus and malicious code identification technologies, the present invention proposes a layered and collaborative network virus and malicious code identification method to solve the problem of identifying abnormal behaviors of unknown network viruses and malicious codes, and to realize the identification of a single system and the entire system. Monitoring of unknown network viruses and malicious code abnormal behavior in the subnet

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Hierarchical cooperated network virus and malice code recognition method
  • Hierarchical cooperated network virus and malice code recognition method
  • Hierarchical cooperated network virus and malice code recognition method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0052] 1. Use several general-purpose micro-personal computers to connect to a network environment through switches

[0053] Specifically adopted in this embodiment are three Pentium IV microcomputers, and a Dell notebook, and an enterprise server, plus a Great Wall 24-port 10M / 100M adaptive Ethernet switch GES-1125 switchboard, through which several microcomputers Three Pentium IV microcomputers, a Dell notebook and an enterprise server are connected into a network.

[0054] figure 1 The workflow for identifying network viruses and malicious codes for layered collaboration in this embodiment is given. The direction of the arrow indicates the sequence of the work flow, the tail of the arrow is the input of the next step, and the end of the arrow is the operation of the next step. One of the Pentium series microcomputers is used to run the network console 1, and the remaining two Pentium IV microcomputers, a Dell notebook, and an enterprise server are all used to execute the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A layered coordinate network virus and vicious code recognizing method. The characteristics are: use strong self-protection mechanism of biological immunity for reference, correspond the network virus and vicious code recognizing method to the multi-level protective mechanism of biological immunity system, judge the dangerous degree of the stand-by detected script through statistically analyzing the word frequency of the key words, based on the point view of 'self-collection' of register form operation analyze and judge the exceptional behavior of the register form written in the form route, and recognize non-self the executing sequence of the programming interface of the applied program, at last send all the exceptional behavior information to the network control station through the network. It well solves the problem of the identification of the unknown network virus and vicious code, and has good capacity of identification, realizes the monitoring and management of the network virus and vicious code of single system and the whole sub-network.

Description

Technical field: [0001] The invention belongs to the technical field of computer network security, in particular to the identification technology of network viruses and malicious codes. Background technique: [0002] According to the introduction of the Institute of Electrical and Electronics Engineers "Potential" magazine (IEEE POTENTIALS, October 2001, the fourth issue, pages 16-19) published in the United States, the existing computer anti-virus identification technologies can be roughly divided into the following types: ( 1) Scanning based on signatures, mainly for known viruses. (2) virtual machine technology, its basic idea is to place suspicious programs in a virtual machine environment to execute to determine whether it is a virus, but still faces many problems such as the effect of virtual machines and how to ensure the security of virtual machines. (3) The heuristic method, whose basic idea is to try to detect family viruses and unknown viruses through generalized...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L29/00
Inventor 王煦法曹先彬罗文坚马建辉张四海
Owner UNIV OF SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap